package com.yj.ccs.abs.web.account.controller;

import com.yj.ccs.abs.boot.authorization.annotation.CurrentUser;
import com.yj.ccs.abs.boot.authorization.session.UserSession;
import com.yj.ccs.abs.common.model.BaseResult;
import com.yj.ccs.abs.common.service.PasswordService;
import com.yj.ccs.abs.web.account.dto.LoginDto;
import com.yj.ccs.abs.web.account.dto.LoginPasswordDto;
import com.yj.ccs.abs.web.account.service.UserService;
import com.yj.ccs.abs.web.management.entity.User;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

/**
 * Copyright 2018 (C) Yunjian-VC
 * Created on : 2018/3/13
 * Author     : Unbelievable9
 **/
@Api(tags = "Web-Login-controller")
@RestController
@RequestMapping("/web")
public class LoginController {

    private final UserService userService;

    private final PasswordService passwordService;

    private final UserSession userSession;

    @Autowired
    public LoginController(UserService userService,
                           PasswordService passwordService,
                           UserSession userSession) {
        this.userService = userService;
        this.passwordService = passwordService;
        this.userSession = userSession;
    }

    @ApiOperation("登录")
    @PostMapping("/login")
    public ResponseEntity<BaseResult> login(@RequestBody @Validated LoginDto loginDto) {
        User user = userService.getUserByAccount(loginDto.getAccount());

        if (user == null) {
            return new ResponseEntity<>(BaseResult.error("用户不存在"), HttpStatus.OK);
        } else {
            if (!user.getActive()) {
                return new ResponseEntity<>(BaseResult.error("用户已被停用"), HttpStatus.OK);
            } else {
                if (passwordService.isValidPassword(user.getPassword(), user.getPassword_salt(), loginDto.getPassword())) {
                    userSession.login(user);

                    return new ResponseEntity<>(BaseResult.success("用户登录成功").setData(user), HttpStatus.OK);
                } else {
                    return new ResponseEntity<>(BaseResult.error("密码错误, 请重新输入"), HttpStatus.OK);
                }
            }
        }
    }

    @ApiOperation("获取用户基本信息")
    @GetMapping("/info")
    public ResponseEntity<BaseResult> info(@CurrentUser User user) {
        return new ResponseEntity<>(BaseResult.success("获取用户基本信息成功").setData(user), HttpStatus.OK);
    }

    @ApiOperation("修改密码")
    @PostMapping("/change-password")
    public ResponseEntity<BaseResult> changePassword(@RequestBody @Validated LoginPasswordDto loginPasswordDto, @CurrentUser User user) {
        if (!passwordService.isValidPassword(user.getPassword(), user.getPassword_salt(), loginPasswordDto.getOld_password())) {
            return new ResponseEntity<>(BaseResult.error("原密码错误"), HttpStatus.OK);
        } else {
            if (!loginPasswordDto.getNew_password().equals(loginPasswordDto.getNew_password_confirm())) {
                return new ResponseEntity<>(BaseResult.error("两次输入的新密码不相同"), HttpStatus.OK);
            } else {
                userService.changeUserPassword(loginPasswordDto.getNew_password(), user.getId());

                return new ResponseEntity<>(BaseResult.success("修改密码成功"), HttpStatus.OK);
            }
        }
    }

    @ApiOperation("登出")
    @GetMapping("/logout")
    public ResponseEntity<BaseResult> logout(@CurrentUser User user) {
        userSession.logout();

        return new ResponseEntity<>(BaseResult.success("用户登出成功"), HttpStatus.OK);
    }
}
